By Ariel Weintraub, Head of Enterprise Cyber Security, MassMutual
More than three million cybersecurity professionals are needed across the globe to meet threat demands, according to the (ISC)² 2022 Cybersecurity Workforce Study, and equipping the next generation with the skills to successfully navigate the cybersecurity landscape begins with focusing on early talent. For some forward-thinking organizations, summer internships are a fundamental element of growing a robust cybersecurity team to ensure that personal and company data remain protected from threat actors and hacks. But simply having an internship program is not enough to solve the workforce shortage. A successful cybersecurity internship program must address four key pillars: diversity, mentorship, exposure, and feedback.
MassMutual’s enterprise cybersecurity group has a 75% conversion rate to full-time employee roles or extended internships. We believe the success of a cybersecurity internship program stems not only from providing interns with extensive insight into an organization’s structure, but also from emphasizing diversity when choosing an intern class, providing mentorship and networking opportunities, exposing interns to other cybersecurity teams, and assigning meaningful work.
Diversity
Diversity is critical to a thriving workforce and culture, promoting more creative ideas and more informed decision-making. With many definitions of diversity, one of the most basic steps to achieving it in an internship class is to review candidates with non-traditional educational backgrounds. Why disqualify a candidate with an unrelated educational history or unconventional work background if they are intellectually curious and passionate about the security field?
Our enterprise cybersecurity program thrives in part because our intern class is filled with students who love to learn, are always asking questions, and are willing to work through learning curves. We’ve had incredible cybersecurity interns who are studying economics and psychology. Removing rigid degree requirements for internships and job descriptions helps us open our candidate pool to qualified applicants who would otherwise be overlooked.
MassMutual also promotes diversity hiring through maintaining partnerships with organizations that provide us with access to diverse and early-in-career talent, such as One In Tech, STEMatch and MiC (Minorities in Cybersecurity). We make sure to keep an open line of communication informing these partners of our internship opportunities and long-term talent goals. After all, goals are more effectively accomplished through collaboration, whether between organizations or mentors and mentees.
Mentorship
Once we’ve established our intern class, mentorship plays a key role in fostering the development of interns. It’s also the most rewarding aspect of the program for our employees. Our team ensures that interns are partnered with subject matter experts who can speak to and provide guidance on day-to-day work. We also provide every intern with an Intern Success Leader – someone from outside their daily team. The Success Leader’s relationship with an intern is intentionally less formal, providing a resource for candid questions and answers and information on business resource groups. This also ensures they have exposure to insights, experts, and exploratory learning opportunities outside of their daily team.
Exposure
Today’s cyber professionals need to be skilled in a variety of areas, which is why MassMutual’s enterprise cybersecurity program exposes interns to different teams within the cybersecurity program to help them along their career journeys. For example, we offer a rotational program designed to allow exploration into different career paths. Our Cybersecurity Career Pathfinder Program provides an opportunity for those starting their careers in cybersecurity to explore a wide breadth of jobs across the industry, accelerating their skills and knowledge base. Exposure also comes in the form of networking. Interns are encouraged to attend events like presentations hosted by teams within the broader technology organization or even town halls where interns specifically can pose questions to our CEO.
Feedback Loop
Asking questions is key for both leaders and interns. For companies looking to build their own cybersecurity internship programs, and through it their future workforce, it’s important to keep in mind that a quality internship requires time and resources; leaders from the top-down need to be invested in the program and listen critically, acting on relevant learnings and ideas. Adequate investment in an internship program not only serves the next generation but paves the way for some fantastic future employees for your organization, building loyalty in both directions from the onset of their experience with your company. While interns are at MassMutual, we want to ensure they have meaningful opportunities that genuinely contribute to our business. By nontraditionally seeking and training future cyber leaders, our industry as a whole becomes more secure.
+++
About Ariel:
Ariel Weintraub (she/her) is Head of Enterprise Cyber Security at MassMutual, serving as the first woman Head of Enterprise Security (CISO equivalent) in the company’s 172-year history. She first joined MassMutual in 2019 as Head of Security Operations & Engineering, responsible for overseeing the Global Security Operations Center, Security Engineering, Security Intelligence and Identity & Access Management (IAM). Prior to joining the Fortune 500 life insurance company, Ariel served as Senior Director of Data & Access Security within Cybersecurity Operations at TIAA where she led a three-year business transformation program to position IAM as a digital business enabler. Before working at TIAA, Ariel was Global Head of Vulnerability Management at BNY Mellon and was part of the Threat & Vulnerability Management practice at PricewaterhouseCoopers. Ariel earned a Master of Science in Cybersecurity from New York University Tandon School of Engineering and a Bachelor of Science in Business Administration from the University of Southern California Marshall School of Business.
Ariel’s passions include maximizing the value of threat intelligence sharing across the financial services sector, empowering women in the technology field, and tackling the cybersecurity workforce shortage while increasing its diversity. In addition to her CISO responsibilities, Ariel serves on the Board for the Executive Women’s Forum, the ISACA One in Tech Foundation, and the FS-ISAC Board of Directors. Her expertise and passions have been featured in various speaking engagements and news outlets including CSO Online, Women in Security Magazine, the CISO Series, InformationWeek, and many more. Most recently, she was recognized as one of Security Magazine’s Top Cybersecurity Leaders of 2023.